Computer Professionals for Social Responsibility ("CPSR") is a
non-profit membership organization, incorporated in the state of
California, with offices in Palo Alto, CA, Cambridge, MA and
Washington, DC. CPSR's membership includes a Nobel Laureate and four
recipients of the Turing Award, the highest honor in computer
science. CPSR's activities include the review of governmental
computing policies to determine their possible impact on privacy and
civil liberties interests. CPSR has prepared reports and presented
testimony on computer technology and privacy issues at the request of
congressional committees./1/

The misuse of the Social Security number ("SSN") is a risk to
public safety and a threat to personal privacy. Such careless
information practices are opposed by professional computing
societies. Professional codes of ethics clearly state the importance
of privacy protection in the design of computer systems./2/ Automated
information systems, by virtue of their great processing capability,
pose an ongoing risk to personal privacy. For this reason, the
computer science community has long argued that adequate safeguards
must be established to protect personal information, including the
Social Security number./3/ Computer scientists have also played a
prominent role in congressional proceedings and the de-velopment of
key reports that gave rise to many of the privacy laws in the United
States today./4/ And computer privacy remains a cen-tral concern at
regular meetings of computer pro-fessionals./5/

As the leading organization in the United States concerned with
the impact of computer technology on personal privacy, CPSR has a
substantial interest in legislative and judicial proceedings
addressing the confidentiality of the SSN and has contributed its
views and expertise to congressional committees/6/ and courts/7/
considering the issue.

SUMMARY OF ARGUMENT

At issue in this case is whether the Virginia State Board of
Elections violated appellant's constitutional right to vote by
demanding appellant's Social Security number as a condition of voter
registration, where the Board does not maintain the confidentiality
of the SSN and freely discloses voter registration information --
including the SSN -- upon request. In short, the issue is whether the
right to vote may be encumbered by conditioning its exercise upon the
relinquishment of substantial privacy interests.

A review of relevant legislative and judicial pronouncements shows
that the unnecessary disclosure of the SSN has long been opposed.
Indeed, in 1974 Congress explicitly recognized the particular risk to
privacy that could result from the unnecessary disclosure of the
Social Security number and therefore enacted restrictions on its use.

The extent of the privacy invasion at issue here becomes apparent
when one considers that the Social Security number is used as an
identification code for databases containing a wide range of
financial, medical, educational, and credit information. It is like a
master key that once obtained opens many doors. Public safety and
personal privacy require that the distribution of such a key be
carefully controlled.

In recognition of the substantial risk that the unnecessary
disclosure of the SSN might pose to public safety and personal
privacy, the federal courts have protected the confidentiality of the
number against unwarranted disclosure. Amicus believes that this
Court should continue to provide that protection in this case and
hold that Virginia's demand that a voter's SSN be provided and freely
disclosed is an unnecessary and unconstitutional impediment to the
right to vote.

ARGUMENT

Consideration of appellant's claim -- that collection and
disclosure of his SSN exacts an impermissibly heavy price on the
right to vote -- requires an appreciation of the harm appellant will
suffer if he is compelled to comply with Virginia's registration
requirements. While the disclosure of a nine-digit number might, at
first blush, appear to be of little consequence, examination of the
history of the SSN and its proliferating abuse demonstrates that the
personal privacy implications are substantial. Indeed, the burden at
issue here is far heavier than the $1.50 Virginia poll tax struck
down as unconstitutional by the Supreme Court twenty-six years ago.
Harper v. Virginia State Board of Elections, 383 U.S. 663 (1966).

I. The Unnecessary Disclosure of the SSN Raises
Substantial Issues of Personal Privacy

Our legal system has long recognized and protected the right of
personal privacy. The drafters of the Constitution "conferred, as
against the Government, the right to be let alone -- the most
comprehensive of rights and the right most valued by civilized man.
To protect that right, every unjustifiable intrusion by the
Government upon the privacy of the individual, whatever the means
employed, must be deemed a violation" of constitutional principles.
Olmstead v. United States, 277 U.S. 438, 478 (1928) (Brandeis, J.,
dissenting).

Justice Brandeis recognized that the First Principles enunciated
in the Constitution have the "capacity of adaptation to a changing
world" and must be applied to "new conditions" and technologies. Id.
at 472. In the Olmstead case, Justice Brandeis anticipated that
technological change would pose new challenges to the courts, and
that the protection of liberty in this realm would require great
vigilance. Justice Brandeis's formulation of the privacy problem that
results from rapidly changing technologies was eventually adopted by
the Supreme Court in United States v. Katz, 389 U.S. 347 (1967)./8/

As the Supreme Court more recently noted, "both the common law and
the literal understandings of privacy encompass the individual's
control of information concerning his or her person." Department of
Justice v. Reporters Committee for Freedom of the Press, 109 S. Ct.
1468, 1476 (1989). See also A. Westin, Privacy and Freedom 7 (1967)
("Privacy is the claim of individuals ... to determine for themselves
when, how, and to what extent information about them is communicated
to others").

Protection of privacy rights is particularly important when the
administrative convenience afforded by computer technology may
obscure the underlying privacy interest in controlling the
collection, use and disclosure of personal information./9/ The courts
must be vigilant in the face of bureaucratic tendencies to ignore
appropriate measures for safeguarding personal information,
particularly where multi-use identifiers such as the SSN are likely
to exacerbate the privacy harm that would result from unlawful
disclosure. The Supreme Court has recognized the risks to personal
privacy created by "unwarranted disclosures" in the computer age.

We are not unaware of the threat to privacy implicit
in the accumulation of vast amounts of personal information in
computerized data banks or other massive government files. The
collection of taxes, the distribution of welfare and social security
benefits, the supervision of public health, the direction of our
Armed Forces, and the enforcement of the criminal laws all require
the orderly preservation of great quantities of information, much of
which is personal in character and potentially embarrassing or
harmful if disclosed. The right to collect and use such data for
public purposes is typically accompanied by a concomitant statutory
or regulatory duty to avoid unwarranted disclosures.

Indeed, the Supreme Court has noted recently that the Privacy Act
"was passed in 1974 largely out of concern over 'the impact of
computer data banks on individual privacy.'" Reporters Committee, 109
S. Ct. at 1478 (citation omitted). That concern looms large when --
as in this case -- individuals' Social Security numbers are demanded
for purposes unrelated to the SSN's intended use and are
indiscriminately disclosed.

A. History of the SSN and Restrictions on
its Use

Although the Social Security number has been with us since 1936,
the use of the SSN for purposes unrelated to the administration of
the Social Security system is a relatively recent phenomenon. The
number was first intended for use solely by the federal government as
a means of tracking earnings to determine the amount of Social
Security taxes to credit to each worker's account. Over the years,
however, the SSN has been used by government agencies and the private
sector for other purposes, often over the objection of independent
experts and the general public. See, e.g., A. Westin and M. Baker,
Databanks in a Free Society 399 (1972) ("adopting the Social Security
number officially as a national identifier or letting its use spread
unchecked cannot help but contribute to public distrust of
government").

The government was first permitted to use the SSN for tax
reporting purposes when Congress authorized the Internal Revenue
Service ("IRS") to use SSNs as taxpayer identification numbers. P.L.
87-397 (Oct. 5, 1961). However, it was recognized at that time that
this expanded use of the SSN would raise substantial privacy risks,
and those concerns have continued to grow.

Public opposition during the 1960s to the misuse of the Social
Security number was evident during a series of hearings held on
privacy and information collection. See, e.g., Federal Data Banks,
Computers and the Bill of Rights: Hearings Before the Subcommittee on
Constitutional Rights of the Senate Judiciary Committee, 92d Cong.,
1st Sess. Part I, 775-881 (1971). As Health, Education and Welfare
("HEW") Secretary Elliot Richardson testified in 1971:

There would certainly be an enormous convenience in
having a single identifier for each individual ... [making] more
efficient the acquisition, storage, and use of data .... It is the
very ease of assembling complete records, of course, which raises the
specter of invasion of privacy.

Id. at 784.

Two years later, an HEW advisory committee issued a report
recommending the development of extensive legal safeguards for the
record systems maintained by the federal government. The Secretary's
Advisory Committee on Automated Personal Data Systems, U.S.
Department of Health, Education and Welfare, Records, Computers and
the Rights of Citizens (1973) (hereinafter cited as "HEW Report") at
121. The advisory committee warned that the use of the SSN as a
personal identifier "would enhance the likelihood of arbitrary or
uncontrolled linkage of records about people, particularly between
government or government-supported automated personal data systems
..." Id. at 122 (footnote omitted). In recognition of that risk, the
advisory committee recommended the enactment of restrictions on the
disclosure and dissemination of the SSN. The HEW Report recommended
that:

* Uses of the Social Security number be limited to
only those purposes required by the federal government.

* Federal agencies should not require the use of the Social
Security number absent statutory authority.

* Congress evaluate any proposed use of the Social Security
number.

* Individuals have the right to refuse to provide their Social
Security numbers, and should suffer no harm for exercising this
right.

* Organizations required by Federal law to obtain the Social
Security number use the number solely for the purpose for which it
was obtained and not make any secondary use or disclose the SSN
without the informed consent of the individual.

Id. at 124-25.

Congress adopted those recommendations the following year through
passage of the Privacy Act, P.L. 93-579, 88 Stat. 1896, (1974). See
S. Rep.No. 1183, 93d Cong., 2d Sess. reprinted in 1974 U.S. Code
Cong. & Admin. News 6916, 6944-46 (citing HEW Report). The
Privacy Act makes clear that Congress gave special recognition to the
need to control the proliferation and misuse of the SSN. Section 7
makes it unlawful for any agency to deny any right, benefit or
privilege to any individual "because of such individual's refusal to
disclose his social security account number." It further provides
that any agency requesting an individual to disclose his or her SSN
must "inform that individual whether that disclosure is mandatory or
voluntary, by what statutory or other authority such number is
solicited, and what uses will be made of it." P.L. 93-579, Sec. 7, 88
Stat. 1896, 1909 (1974), reprinted in 5 U.S.C. Sec. 552a note (1982).

In Section 3 of the Act, Congress provided that

[n]o agency shall disclose any record which is
contained in a system of records by any means of communication to any
person, or to another agency, except pursuant to a written request
by, or with the prior written consent of, the individual to whom the
record pertains, unless the disclosure would be [in compliance with
several specified exceptions not applicable here].

5 U.S.C. Sec. 552a(b). A "record" is defined as

any item, collection, or grouping of information about
an individual that is maintained by an agency, including, but not
limited to his education, financial transactions, medical history,
and criminal or employment history and that contains his name, or the
identifying number, symbol, or other identifying particular assigned
to the individual ....

Id., Sec. 552a(a)(4).

In enacting these protections, Congress sought to prevent the
privacy violations made possible by the proliferation of the SSN.

Citizens' complaints to Congress and the findings of
several expert study groups have illustrated a common belief that a
threat to individual privacy and confidentiality of information is
posed by [expanding use of the SSN]. The concern goes both to the
development of one common number to label a person throughout society
and to the fact that the symbol most in demand is the Social Security
number, the key to one government dossier.

* * *

A cross-section of such complaints appearing in the subcommittee
hearings shows that people are pressured in the private sector to
surrender their numbers in order to get telephones, to check out
books in university libraries, to get checks cashed, to vote, to
obtain drivers' licenses, to be considered for bank loans, and many
other benefits, rights or privileges.

Amicus believes that the SSN privacy concerns Congress addressed
in 1974 have even greater force today. Computerization of public and
private sector databases, combined with insufficient attention to
privacy protection, has increased the incidence of misuse of the SSN.
As a congressional oversight committee recently noted,

[t]he extensive use of computers has resulted in the
wide-spread private sector use of the social security number as an
identifier. Many merchants require a customer to provide a social
security number as a condition of doing business. Credit bureaus use
the social security number to maintain individual credit files and
routinely sell this information to almost anyone who requests it. The
ability of the private sector to gather information such as credit
history, grocery store purchases, medical records (including
pre-natal information), family medical histories and genetic makeup
has raised fears that in the near future unregulated companies will
serve as national identity bureaus collecting and dispersing an
individual's most private information.

Use of Social Security Number as a National Identifier: Hearing
Before the Subcomm. on Social Security of the House Committee on Ways
and Means, 102d Cong., 1st Sess. 2-3 (1991) ("Use of SSN")
(Subcommittee hearing notice).

Amicus' opposition to the misuse of the SSN is also shared by the
Social Security Administration. As Gwendolyn S. King, Commissioner of
Social Security, testified before the subcommittee,

[the Social Security Administration] and the Congress
have historically had fundamental concerns about the possibility that
the SSN might become a universal identifier in this country. These
concerns center on questions of individual privacy and the increased
possibility of the invasion of that privacy if all records pertaining
to an individual could be accessed under one number. ...

The need for a unique number for individual records in computer
systems means that use of the SSN is likely to continue to expand in
the years ahead. While the Social Security Administration is not, and
we believe should not be, responsible for use of the SSN in the
private sector, we have a deep concern that individuals not be harmed
through carelessness in the use of the SSN.

Id. at 25 (Testimony of Gwendolyn S. King, Commissioner of Social
Security) (emphasis added). At issue in this case, we believe, is
precisely the invasion of privacy and "harm" to which the
Commissioner referred.

B. Disclosures of the SSN Jeopardize the
Confidentiality of Personal Information

Concerns over the proliferation of single personal identifiers --
both in the United States and abroad -- are well-founded. Given the
misuse of the SSN in the United States, access to the number provides
a window into the activities and lifestyle of any person. Social
Security Commissioner King recognized this in her congressional
testimony. "An individual's Social Security number is the key to
accessing a variety of information about that individual. That fact
has shaped [the Social Security Administration's] current policy [of
not disclosing SSNs without the individual's consent]." Use of SSN at
22.

The unnecessary disclosure of an individual's SSN creates the risk
of confidential information being disclosed to any person or
institution in possession of the individual's SSN. Because so much
information is now retrievable by a person in possession of the SSN,
the risk that personal information can be unlawfully obtained has
greatly increased.

This problem of aggregated personal information was well stated by
Congressman Frank Horton who said more than twenty-five years ago:

One of the most practical of our present safeguards of
privacy is the fragmented nature of personal information. It is
scattered in little bits across the geography and years of our life.
Retrieval is impractical and often impossible. A central data bank
removes completely this safeguard.

The Computer and the Invasion of Privacy: Hearings before the
Special Subcommittee on Invasion of Privacy of the House Committee on
Government Operations, 89th Cong., 2d Sess. 6 (1966).

Similarly, the Supreme Court has recognized that the aggregation
of personal information heightens the degree of protection that must
be afforded. In Reporters Committee, the Court affirmed the
withholding of an individual's criminal "rap sheet" under the Freedom
of Information Act. The Court noted "the power of compilations [of
information] to affect personal privacy that outstrips the combined
power of the bits of information contained within." 109 S. Ct. at
1477.

In practice, the use of the SSN for purposes unrelated to the
needs of the Social Security Administration has greatly diminished
the "fragmented nature of personal information," as Congressman
Horton warned against and Congress sought to prohibit through the
passage of the Privacy Act of 1974. The SSN, once disclosed, is the
key to that vast repository of personal information. As the Supreme
Court recognizes, "the power of compilations [such as those
accessible through an SSN] to affect personal privacy" mandates that
the courts be particularly vigilant in protecting the security of
aggregated personal information.

Recent news stories illustrate the threat to personal privacy
created by the indiscriminate disclosure of an individual's SSN.
According to the Wall Street Journal, Fidelity Investment offers a
toll-free telephone service that -- upon entry of a Social Security
number -- provides an audio summary of a customer's investment
portfolio. The system, which does not use a single-purpose, personal
identification number ("PIN")/10/ to verify a caller's identity,
permits anyone knowing the SSN of any Fidelity customer to access
that individual's confidential account information. Clements,
"Finding Out How Your Neighbor Invests is a Free Phone Call Away,"
Wall Street Journal, February 4, 1991, page C1.

The Boston Globe has reported that there are more than 300 cases
of fraud involving SSNs each year in Massachusetts. "Authorities say
that, with another person's Social Security number, a thief can apply
to obtain that person's welfare benefits, Social Security benefits,
credit cards or even the victim's paycheck." Neuffer, "Victims Urge
Crackdown on Identity Theft," The Boston Globe, July 9, 1991. In
California, reported cases of SSN fraud increased from 390 cases in
1988 to an estimated 800 cases in 1991. Anwar, "Thieves Hit Social
Security Numbers: Fouled Up Benefits and Credit," San Francisco
Chronicle, August 30, 1991, page 1.

The recent congressional testimony of the Deputy Inspector General
of the Department of Health and Human Services provides additional
evidence.

The SSN is a critical element of identification used
in nearly every sector of American society. As such, it has been
targeted for abuse in a wide variety of criminal activities. The SSN
can be used to obtain Social Security or other government benefits,
driver's licenses, credit cards, and passports. We often see persons
who commit a wide range of credit fraud and other crimes using false
SSNs to conceal their true identity. ...

* * *

Of the 1,066 criminal convictions the [Office of Inspector
General] obtained in fiscal year 1991 relating to fraud in Social
Security programs, 590 involved unlawful use of SSNs.

Statement of Larry D. Morey, Deputy Inspector General for
Investigations, Department of Health and Human Services, before the
Subcommittee on Social Security and Family Policy, Committee on
Finance, U.S. Senate, February 28, 1992, at 5-6.

The HEW advisory committee recognized the problem in 1973, noting
that "[a]s long as the SSN of an individual can be easily obtained
... , both individuals and the organizations that use it as a
password are vulnerable to whatever harm may result from
impersonation." HEW Report at 132.

"A further problem with the use of the SSN as an identifier is
that it makes it hard to control access to personal information." C.
Hibbert, What to do When They Ask for Your Social Security Number
(1992) at 3.

Even assuming you want someone to be able to find out
some things about you, there's no reason to believe that you want to
make all records concerning yourself available. When multiple record
systems are all keyed by the same identifier ... it becomes difficult
to allow someone access to some of the information about a person
while restricting them to certain topics.

Id.

The Court should regard the disclosure of the SSN as a critical
problem of public safety and information privacy. The number is akin
to the combination of a safe containing an individual's most intimate
possessions. Sensible information practices would mandate that the
use of the number be carefully controlled. The non-consensual
disclosure of an SSN is tantamount to the disclosure of highly
personal information.

C. The Need to Restrict the Use of
Personal Identification Numbers is Widely Recognized in Other
Countries

The particular privacy problem of multi-use identification
numbers, such as the SSN, is not unique to the United States. In
Canada, "the abuse of the Social Insurance Number is the only privacy
issue that has regularly commanded the attention of members of the
House of Commons in the last twenty years." D. Flaherty, Protecting
Privacy in Surveillance Societies 281 (1989). The Canadian government
has taken steps to prevent the Social Insurance Number from becoming
a universal personal identifier; a separate employee identifier is
being introduced for federal employees, and the matching of computer
files is being reduced./11/

In France, the memory that identification numbers on government
records were used to round up Jews during the Nazi occupation has
played an important role in the efforts to restrict the use of such
numbers. At a meeting of European data protection commissioners in
1980, France's National Commission on Informatics and Freedoms
prevented the development of international identity cards, the use of
personal identification numbers, and the assignment of a new unique
number to each recipient. Its solution was to attach a number to the
card and not the person, so that if a card was lost, the individual
received a new number. D. Flaherty, Protecting Privacy in
Surveillance Societies 227 (1989). The use of the card became a
matter of national debate in 1981. In an election statement on
informatics, Francois Mitterand stated that "the creation of
computerized identity cards contain a real danger for the liberty of
individuals." Id.

Today, as the Europeans consider the development of a
continent-wide standard for data protection, controlling the possible
misuse of unique identifiers remains a central concern. Portugal's
new constitution forbids the interconnection of files save in
exceptional cases, and it is clear that "citizens shall not be given
all purpose national identification numbers." Greece has instituted a
system of national identity numbers for certain public sector data
files, but the linkage of these files is forbidden by law. In
Australia, the Privacy Act of 1988 forbids the use of the tax file
number as a national identification system by "whatever means." M.
Spencer, 1992 And All That: Civil Liberties in the Balance 60 (1990).

II. The Courts have Recognized that Disclosure of an
SSN Violates Personal Privacy Rights

The federal courts have recognized that substantial privacy
interests are implicated in the disclosure of SSNs. Without
exception, every court that has had occasion to consider the issue
has reached the conclusion that the non-consensual release of an SSN
by a federal agency would constitute "a clearly unwarranted invasion
of personal privacy." See, e.g., IBEW Local No. 5 v. Department of
Housing and Urban Development, 852 F.2d 87, 89 (3d Cir. 1988).

In IBEW Local No. 5, a union sought the release of, inter alia,
the SSNs of non-union employees working for a federal contractor./13/
The Third Circuit began its analysis by noting that "there is a
presumption in favor of disclosure" in FOIA cases. 852 F.2d at
89./14/ Nonetheless, the court found that "the disclosure of the
Social Security numbers would constitute a clearly unwarranted
invasion of privacy and is therefore barred by Exemption 6." Id. The
court looked to the congressional policy embodied in the Privacy Act.

The employees have a strong privacy interest in their
Social Security numbers. Congress has recognized this privacy
interest by making unlawful any denial of a right, benefit, or
privilege by a government agency because of an individual's refusal
to disclose his Social Security number. Moreover, in its report
supporting the adoption of this provision, the Senate Committee
stated that the extensive use of Social Security numbers as universal
identifiers in both the public and private sectors is "one of the
most serious manifestations of privacy concerns in the Nation."

Id. (citations omitted).

Having recognized an individual's "strong privacy interest" in his
or her SSN, the Third Circuit cited the risk that the SSN, if
disclosed, could be misused and noted that "once a number is public
knowledge, it could wind up in anyone's hands." Id. (emphasis added).
Likewise, this Court has recognized the harm that would flow from the
FOIA disclosure of federal employees' home addresses:

[e]mployees have a strong privacy interest in their
home addresses. Disclosure could subject the employees to an
unchecked barrage of mailings and perhaps personal solicitations, for
no effective restraints could be placed on the range of uses to which
the information, once revealed, might be put.

Once an SSN "wind[s] up in anyone's hands," the potential privacy
ramifications are substantial. While the disclosure of this multi-use
identifier might not cause immediate harm to the individual, it is
the subsequent use that might be made of the SSN that is
determinative. As the D.C. Circuit emphasized in protecting the names
and addresses of federal annuitants from disclosure under FOIA,

[i]n virtually every case in which a privacy concern
is implicated, someone must take steps after the initial disclosure
in order to bring about the untoward effect. Disclosure does not,
literally by itself, constitute a harm .... Where there is a
substantial probability that disclosure will cause an interference
with personal privacy, it matters not that there may be two or three
links in the causal chain.

The judicial authority recognizing an individual's privacy
interest in the confidentiality of his or her SSN -- and in the
information to which the SSN is a key -- provides strong policy
arguments against the practice challenged here. And, as amicus has
shown, the potential for injury is not hypothetical. Instances of
fraud and invasion of privacy have increased markedly as
non-essential uses of the SSN have proliferated. In recognition of
this potential harm, the Court should scrutinize closely any claim
that the collection and dissemination of the SSN is necessary to
advance a compelling state interest. See, e.g., Norman v. Reed, 112
S. Ct. 698, 705 (1992); Anderson v. Celebrezze, 460 U.S. 780, 789
(1983).

III. The Collection and Dissemination of the SSN for
Election Purposes is Unnecessary and Serves no Significant State
Interest

Given the demonstrated risks inherent in the collection and
dissemination of the SSN, the challenged practice should only be
sustained if it is shown to be absolutely necessary and if less
intrusive alternatives do not exist. In fact, there are viable
alternatives that would serve the state's interest in administering
its system of voter registration.

Every day, organizations and institutions make decisions about the
design of their records systems and whether the use of the SSN is
necessary or appropriate. While some entities do opt to use the SSN,
many other organizations avoid the SSN and develop their own,
oftentimes more accurate, numbering schemes./15/ Similarly at the
state level, some states have placed an unnecessary reliance on the
SSN while others have developed better, less intrusive policies./16/
Single-purpose identification cards without universal identifiers can
actually enhance personal privacy by restricting the extent of a
person's identity that must be disclosed to interact with a large
institution. Library cards and driver's licenses are examples of such
limited purpose cards./17/

The practices of other states demonstrate that voter registration
systems can, indeed, be administered without resort to the SSN.
According to a report compiled by the Federal Election Commission
("FEC"), the nation's five most populous states -- California, New
York, Texas, Florida and Pennsylvania -- do not require their
citizens to provide SSNs when registering to vote. Federal Election
Commission, National Clearinghouse on Election Administration,
Technical Report 2 (February 1992). If California, with 14 million
registered voters (according to the FEC) can administer its
registration system without requiring the SSN, it is difficult to
fathom why Virginia, with 2.9 million voters, cannot do the same./18/

Aside from the question of Virginia collecting the SSN, there
remains the issue of the state disclosing it. While the state might
claim a marginal interest of "administrative convenience" in support
of the collection of the SSN, but see Harman v. Forsenius, 380 U.S.
528, 542 (1965), there is no articulable justification for the
disclosure of the number. In the face of the obvious and proven harm
inherent in the disclosure of an individual's SSN, Virginia's
reckless and unnecessary policy cannot be sustained.

CONCLUSION

The unnecessary collection and disclosure of Social Security
numbers constitutes a substantial invasion of privacy, as Congress,
the Social Security Administration and the courts have recognized. In
enacting the Privacy Act, Congress was motivated, in large part, by a
desire to curtail the proliferating use and disclosure of the number.
Virginia's requirement that Social Security numbers be provided --
and freely disclosed -- as a condition of voting places an
unwarranted and substantial burden on the exercise of that
fundamental right. The decision of the district court should be
reversed.

1 See, e.g., "The Redesign of the National Crime Information
Center (NCIC)," the Subcommittee on Civil and Constitutional Rights,
Committee on the Judiciary, House of Representatives, May 18, 1989
reprinted in FBI Oversight and Authorization Request for Fiscal Year
1990, 101st Cong., 1st Sess. 512 (1989); "The Computer Security Act
of 1987 (P.L. 100-235) and the Memorandum of Understanding Between
the National Institute of Standards and Technology (NIST) and the
National Security Agency (NSA)," the Subcommittee on Legislation and
National Security, Committee on Government Operations, House of
Representatives, May 4, 1989 reprinted in Military and Security
Control of Computer Security Issues, 101st Cong., 1st Sess. 80
(1989); "Amendments to the Fair Credit Reporting Act, before the
Subcommittee on Consumer Affairs and Coinage of the Committee on
Banking, Finance and Urban Affairs, House of Representatives, June
12, 1990, reprinted in Amendments to the Fair Credit Reporting Act,
101st Cong., 2d Sess. 774 (1990).

2 The Association for Computing Machinery ("ACM") Code of
Professional Conduct states that:

Ethical Considerations:

EC5.1 An ACM member should consider the health, privacy, and
general welfare of the public in the performance of his work.

"In Recognition of My Obligation to Society I Shall:
Protect the privacy and confidentiality of all information entrusted
to me"

The preliminary code of ethics for the International Federation of
Information Processing ("IFIP") makes data protection a central
provision of Individual Professional Ethics:

1.2 Protection of Privacy

Information Technology Professionals have a fundamental respect
for the privacy and integrity of individuals, groups, and
organizations. They are also aware that computerized invasion of
privacy, without informed authorization and consent, is a major,
continuing threat for potential abuse of individuals, groups, and
populations. Public trust in informatics is contingent upon vigilant
protection of established cultural and ethical norms of information
privacy.

20 Computers & Society 36 (March 1990) (emphasis added).

3 The Association for Computing Machinery, for instance, passed
the following resolution in 1974:

The Council of the ACM states its concern over the absence of
legislative safeguards against the misuse of universal identifiers,
including the Social Security Number, and urges the prompt generation
and passage of such legislation.

4 Willis H. Ware, a noted computer scientist at the Rand
Corporation and an advisor of CPSR, chaired the Secretary's Advisory
Committee on Automated Personal Data Systems of the Department of
Health, Education & Welfare. That Committee produced Records,
Computers and the Rights of Citizens (1973), a landmark report which
outlined the privacy risks of automated record sys-tems, recommended
various safeguards, and gave rise to the Privacy Act of 1974, the
most comprehensive privacy law in the United States. Joseph
Weizenbaum, an emeritus pro-fessor of Computer Science at MIT and a
member of CPSR, was also a member of the Advisory Committee.

Subsequent reports by the Office of Technology Assessment have
often relied heavily on computer scientists to assess the privacy
risks on automated information systems. See, e.g., Defending Secrets,
Sharing Data: New Locks and Keys for Electronic Information (1987).
See also National Research Council, Computers At Risk: Safe Computing
In the Information Age (1991).

6 See, e.g., "Protecting the Privacy of Social Security Numbers
and Records," the Subcommittee on Social Security and Family Policy,
Committee on Finance, U.S. Senate, February 28, 1992;Use of Social
Security Number as a National Identifier: Hearing Before the
Subcommittee on Social Security, House Committee on Ways and Means,
102d Cong., 1st Sess. (February 27, 1991) (testimony of Marc
Rotenberg, Director, CPSR Washington Office).

8 While the Court's analysis of Fourth Amendment claims under the
Katz test has raised substantial questions about the impact of
technological change upon "the reasonable expectation of privacy,"
see, e.g., Rakas v. Illinois, 439 U.S. 128, 431 n. 12 (1978); see
also Amsterdam, Perspectives on the Fourth Amendment, 56 Minn. L.
Rev. 349 (1974), where Congress has sought explicitly through
statutory authority to regulate an information practice, the privacy
protection must be broadly construed.

9 Likewise, considerations of bureaucratic convenience will not
sustain unwarranted barriers to the exercise of voting rights -- the
issue that is central to this case. As the Supreme Court has held,
"constitutional deprivations may not be justified by some remote
administrative benefit to the State." Harman v. Forsenius, 380 U.S.
528, 542 (1965).

10 Personal identification numbers ("PINs") refer to any identity
number associated with a card. In the United States, an individual
may have many PINs: a bank ATM card, a telephone charge card, a
workplace access card. In other countries such as Sweden and
Australia, the term "PIN" is often used to refer to a universal tax
number, similar to the SSN in the United States, and therefore raises
much of the same concern as the SSN.

11 Privacy Laws & Business, February 1989, at 4, quoted in M.
Spencer, 1992 And All That: Civil Liberties in the Balance 60 (1990).
See also Access Reports, July 11, 1990, at 6.

12 Amicus' research has uncovered no case in which a court has
authorized disclosure of SSNs under the FOIA.

13 In that case, the Union sought payroll records from the United
States Department of Housing and Urban Development ("HUD"). HUD
released the payroll records, including the employees' work
classification, hours worked, rates of pay, and gross and net pay
levels. However, HUD withheld the employees' names, home addresses,
and Social Security numbers.

14 The Third Circuit held in IBEW Local No. 5 that the disclosure
of the names and addresses of the employees would not constitute an
unwarranted invasion of privacy. 852 F.2d at 92. Although this Court
has not had occasion to consider the withholding of SSNs under FOIA,
it has long held that disclosure of the addresses of federal
employees under FOIA would constitute an unwarranted invasion of
privacy. American Federation of Gov't Employees v. United States, 712
F.2d 931 (4th Cir. 1983).

15 From a technical viewpoint, the SSN is a poorly designed
numbering scheme for personal identification. It lacks a "check sum
digit," i.e., a procedure for determining the facial validity of the
number.

16 For instance, the Maryland Motor Vehicle Administration
announced earlier this year that it will no longer require applicants
to divulge their SSN when obtaining or renewing driver's licenses.
Nor does Maryland print the SSN on its licenses. "Md. Forgets the
Number," Washington Post, February 27, 1992, at C6.

17 Computer scientists have developed new verification and
identification methods that protect security and privacy for
individuals while providing businesses and government agencies with
the information they need for commercial transactions and user
authentication. See, e.g., Chaum, "Security Without Identification:
Transaction Systems to Make Big Brother Obsolete," Communications of
the ACM (October 1985).

18 According to the FEC, voter registration figures for the 1988
presidential election in the other large states which do not require
SSNs were as follows: New York, 8.6 million; Texas, 8.2 million;
Florida, 6 million; and Pennsylvania, 5.9 million. Federal Election
Commission, National Clearinghouse on Election Administration,
Technical Report 1 (February 1992).